pure-ftpd with geoip

During the last few weeks we are experiencing compromised FTP accounts within our production. These accounts seem to be stolen from infected Windows client machines, infected by malware or trojans. As far as I know the issues, everyone of them is using Total Commander… TC seems to save the credentials in plain text form, unencrypted. Fine. I have been going through pure-ftpd log to gather ips that had been used to upload files. [Read More]
ftp  geoip  patch